9 matches found
Mageia: Security Advisory (MGASA-2018-0394)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : nextcloud (openSUSE-2019-655)
This update for nextcloud fixes security issues and bugs. Security issues fixed : - CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments boo1114817 This update also contains all bug fixes and improvements in the 13.0.8 version, including : - Password expiration time changed fro...
openSUSE Security Update : nextcloud (openSUSE-2019-640)
This update for nextcloud to version 13.0.5 fixes the following issues : Security issues fixed : - CVE-2018-3780: Fixed a missing sanitization of search results for an autocomplete field that could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names,...
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2018:4002-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for nextcloud (moderate)
This update for nextcloud fixes security issues and bugs. Security issues fixed: - CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments boo1114817 This update also contains all bug fixes and improvements in the 13.0.8 version, including: - Password expiration time changed from...
openSUSE Security Update : nextcloud (openSUSE-2018-1487)
This update for nextcloud fixes security issues and bugs. Security issues fixed : - CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments boo1114817 This update also contains all bug fixes and improvements in the 13.0.8 version, including : - Password expiration time changed fro...
Security update for nextcloud (moderate)
This update for nextcloud to version 13.0.5 fixes the following issues: Security issues fixed: - CVE-2018-3780: Fixed a missing sanitization of search results for an autocomplete field that could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names,...
openSUSE Security Update : nextcloud (openSUSE-2018-936)
This update for nextcloud to version 13.0.5 fixes the following issues : Security issues fixed : - CVE-2018-3780: Fixed a missing sanitization of search results for an autocomplete field that could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names,...
CVE-2018-3780
CVE-2018-3780 detail (normal mode): Nextcloud’s autocomplete search results may expose a stored XSS due to missing sanitization in the autocomplete field. The flaw affects Nextcloud Server releases around 13.x (notably 13.0.5 and related updates) and can be triggered by crafted search results con...